NSA Publishes Blueprint For Top Secret Android Phone
mask.of.sanity writes "The National Security Agency has designed a super-secure Android phone from commercial parts, and released the blueprints (PDF) to the public. The doubly-encrypted phone, dubbed Fishbowl, was designed to be secure enough to handle top secret phone calls yet be as easy to use and cheap to build as commercial handsets. One hundred US government staff are using the phones under a pilot which is part of a wider project to redesign communication platforms used in classified conversations."
I want one. (Score:4, Interesting)
That'd be the coolest geeky thing to have. Although I suspect it doesn't do you a lot of good unless both sides of the conversation are using them.
Re:I want one. (Score:5, Funny)
Re:I want one. (Score:5, Interesting)
If you're implying a back door, the overriding problem as far as I can see is that if you have a secret double encrypted phone with an option, no matter how secret, for someone else to listen in, as a secret organization you wouldn't dare use the phone. Because somehow, by hook or by crook, by bribery, blackmail or corruption from the richest countries and individuals of the world, that back door *will* be made available to foreign powers. It's inevitable.
And so, the NSA will have created a phone that the NSA itself could not use.
If it had been intended as a honey pot, then bravo. Otherwise, no.
Re:I want one. (Score:4, Insightful)
And so, the NSA will have created a phone that the NSA itself could not use.
And this surprises you how, exactly?
Most security boils down to "security by obscurity" when you get past all the smoke and mirrors. Someone at the top above all the compartmentalization made the decision that he simply won't tell anyone about the back door. Except for Dan in Dept A where such a backdoor would be very VERY useful, you know, to keep tabs on the operatives, etc; and Roger in Dept B whose job it is to keep tabs on Dept A. Both Dan and Roger are trustworthy and sworn to secrecy, so there's no way that this back-door will be abused or leaked. Ever. Except...
Re: (Score:2)
The NSA has been pretty good at strengthening commercial encryption. Part of their mandate is to help strengthen America's commercial security infrastructure as well as to hack that same security infrastructure, which makes them not so trustworthy in some eyes but practical helpers in others. Aside from the Clipper chip, the NSA helped strengthen DES through changes to the S-box, helped make Windows 7 more secure by working with Microsoft (lol), and of course, SE Linux.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Right, but they weren't stupid enough to use the Enigma machine *themselves*, knowing that it had been broken. If the NSA is planning to use the phones, the NSA must think they're secure. If they're planning to build them and not use them, the phones are bait for very stupid organizations. Either way it would be interesting to own one, although you probably shouldn't call your tax accountant with it.
And as I said in another article, if the NSA thinks they can include a back door and somehow think they ca
Re: (Score:3)
Well they probably didn't really care since the Polish and England scientists already figured it out. And the "folks" making the statement you mentioned were most likely uttered by one or two individuals, not the organization as a whole. The US was more interested in moving nuclear physics from the white board to real world applications such as building nuclear weapons. Wasting resources on something already accomplished by others would have been a waste. And by the way England had a large head start wit
Double Encryption??? (Score:5, Funny)
Wow sounds very secure, hopefully they didn't decide to go with ROT-13 twice.
Re:Double Encryption??? (Score:5, Funny)
Not only double secure, but if you're caught doing something nefarious, they put you on double secret probation. They have also contacted Double Mint Gum about possible trademark licensing.
Re: (Score:2)
They even got Falcon Northwest on board to paint every phone in a unique "Double Rainbow" theme.
Re: (Score:2)
Don't do that to me. You make my brain go strange places.
I'm picturing a security-focussed Linux-based portable computer, that uses the Linux Mint [linuxmint.com] distribution, but only a really stripped-down, bare-minimum installation. Just enough that once you set up the password to log in, you can then run a virtual machine from an encrypted loopback device which actually contains a "full" Linux Mint distribution.
And then you install that setup on one of these [gumstix.com]...
"Double Mint Gum(stix)"
Re: (Score:2)
Anything is vulnerable to attacks on reduced-round variants. For full security, do what I did for this post: the full 16 rounds of ROT-13.
Re: (Score:2)
Wow sounds very secure, hopefully they didn't decide to go with ROT-13 twice.
Not just double encryption but double secret encryption.
My bet is on the password being 1-2-3-4-5
Re: (Score:2)
Re: (Score:3)
No, they went with XOR twice.
Re:Double Encryption??? (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
It started as TRIPLE-ROT13, though.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
Re:Double Encryption??? (Score:4, Interesting)
Actually, I remember reading somewhere that consecutive encryption of a file (or a data stream) provides no additional protection against brute force attacks. The brute force needed to decrypt the end result is virtually the same, whether you encrypt once or twice. Something about a "meet in the middle [google.com]" attack.
Not sure if this is true in all cases because TripleDES is a common encryption technique.
I (obviously) don't understand all that I read about this stuff.
Re: (Score:2, Insightful)
Most of the time, yeah, it makes little to no difference. It may change the problem (though double encrypting with the same encryption may not even do that, depending on the cipher), but not make it any more difficult.
However, that's assuming that the ciphers you're using aren't flawed. Using multiple ciphers means that if a flaw is discovered for one, it (hopefully) won't apply to the combination of the two.
Re: (Score:2)
One of the basic rules of cryptography is that you need to understand fully what you're doing, because it's complicated and has side-effects.
In many cases, encrypting something multiple times does not increase the strength of the encryption, and may even reduce it. Sometimes, though, it does.
In the case of 3DES, avoiding the meet-in-the-middle attack is one of the reasons that it is set up the way it is (two encryptions with one decryption in the middle).
But it is a good example - a novice would think that
Re: (Score:2)
Brute force is out of the question if the cipher is secure and implemented correctly. Regarding techniques without brute force, it depends. If the keys are really independent and the system is designed with care it can and usually will be more secure. If I remember correctly, for two keys often triple encryption with minimum key (TEMK) is used and there is a proof that it is no less secure than single-pass encryption. (If you want, you can also take this as a confirmation of your claim.)
Generally speaking, incr
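The meet-in-the-middle attack this subthread keeps circling, worked through as an added example (not code from any poster, and nothing to do with the Fishbowl design): a toy 16-bit block cipher with 16-bit keys is double-encrypted under two independent keys, and both keys are recovered from three known plaintext/ciphertext pairs with about 2^17 single-cipher operations instead of the 2^32 an exhaustive search over both keys would cost. The cipher, its key schedule, the secret keys and the known plaintexts are all constructed here. This is the reason two independent k-bit keys in a double cipher give roughly k+1 bits of known-plaintext security rather than 2k, and why the DES construction that survived uses three cipher operations.

```python
# Added example: meet-in-the-middle against double encryption with a toy cipher.
# Everything here (the cipher, its key schedule, the sample keys and plaintexts)
# is constructed for illustration; it is not the Fishbowl design or any real cipher.

MASK = 0xFFFF            # 16-bit blocks and 16-bit keys
ROUNDS = 4
ROUND_CONST = (0x1F3D, 0x5A2B, 0x9C71, 0xE4B6)   # arbitrary round constants
ADD_CONST = 0x3C6E

def rotl(x, n):
    return ((x << n) | (x >> (16 - n))) & MASK

def rotr(x, n):
    return ((x >> n) | (x << (16 - n))) & MASK

def round_key(key, r):
    # Toy key schedule: rotate the master key and mix in a round constant.
    return rotl(key, 3 * r) ^ ROUND_CONST[r]

def toy_encrypt(key, block):
    x = block & MASK
    for r in range(ROUNDS):
        x ^= round_key(key, r)
        x = rotl(x, 5)
        x = (x + ADD_CONST) & MASK   # modular add is the only non-linear step
    return x

def toy_decrypt(key, block):
    # Exact inverse of toy_encrypt: undo each round in reverse order.
    x = block & MASK
    for r in reversed(range(ROUNDS)):
        x = (x - ADD_CONST) & MASK
        x = rotr(x, 5)
        x ^= round_key(key, r)
    return x

def double_encrypt(k1, k2, block):
    return toy_encrypt(k2, toy_encrypt(k1, block))

def meet_in_the_middle(pairs):
    """Recover (k1, k2) from known plaintext/ciphertext pairs of the double cipher.
    Returns (candidates, cipher_ops): the surviving key pairs and the number of
    single-cipher operations spent building and probing the middle table."""
    p0, c0 = pairs[0]
    ops = 0
    # Forward table: every value E(k1, p0) can take, indexed back to its k1.
    middle = {}
    for k1 in range(MASK + 1):
        middle.setdefault(toy_encrypt(k1, p0), []).append(k1)
        ops += 1
    candidates = []
    # Backward probe: D(k2, c0) must hit a table entry if (k1, k2) is correct.
    for k2 in range(MASK + 1):
        ops += 1
        for k1 in middle.get(toy_decrypt(k2, c0), ()):
            # One pair leaves many false matches on a 16-bit block;
            # the remaining known pairs weed them out.
            if all(double_encrypt(k1, k2, p) == c for p, c in pairs[1:]):
                candidates.append((k1, k2))
    return candidates, ops

def naive_cost():
    # Exhaustive search over both 16-bit keys, in single-cipher operations.
    return 2 * (MASK + 1) ** 2

# Constructed demo: secret keys and three known plaintexts.
SECRET_K1, SECRET_K2 = 0xBEEF, 0x1337
KNOWN_PLAINTEXTS = (0x0000, 0x4D54, 0xA5A5)
KNOWN_PAIRS = tuple((p, double_encrypt(SECRET_K1, SECRET_K2, p))
                    for p in KNOWN_PLAINTEXTS)

def demo():
    return meet_in_the_middle(KNOWN_PAIRS)

if __name__ == "__main__":
    found, ops = demo()
    print("recovered key pairs:", [(hex(a), hex(b)) for a, b in found])
    print("meet-in-the-middle cost:", ops, "cipher ops vs naive", naive_cost())
```

The table costs 2^16 entries of memory, which is the trade the attack makes: for a real 56-bit cipher the same shape needs 2^56 stored values, so "no stronger than single encryption" is a statement about work, not about what fits on a laptop. A third cipher operation pushes the middle point behind two unknown keys at once, which is what restores the expected cost.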
Re: (Score:2)
From what the PDF document is describing, the notion of "double encryption" is referring to the two security layers being used.
First, the SVoIP is encrypted using DES-SRTP.
Second, the SVoIP stream is tunnelled in a secure VPN layer--in this case IPsec IKEv2--which has its own encryption layer.
Once at the enterprise there is a third encryption but it's not really a "layer" because it's not in the public network. The one to and from the SIP server is "SIP over TLS" but that's inside the private network, here
Re: (Score:2)
Correction: I meant to type:
"First, the SVoIP is encrypted using SDES-SRTP."
Another diagram suggests this "SDES-SRTP" can also be SIP/TLS.
Re: (Score:2)
Will it fit... (Score:5, Funny)
In a shoe?
Re: (Score:2)
Will it give you a clue?
Re:Will it fit... (Score:5, Funny)
transparent case and dip switches... (Score:5, Interesting)
All I've really wanted for Christmas for the last 10 years is a phone easily disassemblable, with a transparent case, and user facing dip switches for the mic, the antennas, the battery, and these days, the power line going to the camera. Or alternately for the camera, a physical piece of plastic that slides to expose/cover the camera. Also the dip switches should be placed in such a way that it is reasonably convincing to technical users that they are in fact breaking the relevant physical traces/wires.
Maybe in 10 more years...
Re: (Score:2)
You can have that. There are developer kits that you can glom together to make them. But it will be the size of a lunchbox, and be engineered just to your specifications. I suggest that you look to ham radio to start your development.
Remember, if you wanted all that capability ten-ish years ago you would have something the size of, and the cost of, a news van.
see: http://en.wikipedia.org/wiki/Electronic_news_gathering [wikipedia.org]
The Russians used a pencil. (Score:2)
When you actually need to use your phone all those security measures for the mic/battery/antenna/etc are going to have to be disabled anyway. Easier to keep it in a tin.
Re: (Score:2)
It's called a battery pull. Sure, there might be a smaller battery or capacitor sitting somewhere powering the device in a stealthy manner, but that would be a concern even with your DIP switch theory--someone might put a smaller transmitter on the back of your microphone to enable signals to be sent while the DIP switch to the "real" transmitter is ostensibly disabled.
Microsoft about to sue government? (Score:5, Funny)
They are smarter than that (Score:5, Interesting)
MS knows that the government controls patents and that national security is a grounds that the government can take a patent away and make it public domain.
Interestingly enough the NSA has special status when it comes to patents. They can file secret patents that remain classified until someone tries to patent the same thing. At such time their patent is revealed and is valid from that date of revelation.
NSA can seize patents for their own and gag the in (Score:4, Interesting)
Re: (Score:2)
The notion of a "born secret" is pretty bullshit, too, which is why the government never tried it in court. The idea is that some things are so secret that they are secret even if arrived at independently by third parties who did not use any secrets in doing so. Therefore, if you sat on a mountaintop and came up with nuclear bomb blueprints by yourself, the government would consider that classified material even though it was independently created. That's awesome in theory, but still fucking annoying.
Gotta love /. headlines... (Score:4, Funny)
Re: (Score:2)
Is all of the above not an option?
Re:Gotta love /. headlines... (Score:4, Funny)
It is but there's a trick to it. You just have to pick two different ones when they post the dupe.
Re: (Score:2)
Re: (Score:2)
s/any/at least/
Hmmmm... (Score:3, Insightful)
Re: (Score:2)
Re: (Score:2)
We didn't locate Bin Laden because his courier had shitty phones. We located Bin Laden because we caught some dude on the battlefield and Gitmo'd him with a five dollar wrench until he coughed up the courier's name (along with, presumably, part of his lungs). Even using a secure sat phone or encrypted phone wouldn't help Bin Laden because we would have triangulated on the signals, caught the guy, then Gitmo'd him with a five dollar wrench. In a practical sense, XKCD still has it right. If we want to catch yo
Research In Motion (Score:4, Insightful)
Re: (Score:2)
fishbowl != blowfish (Score:5, Interesting)
re: "The doubly-encrypted phone, dubbed Fishbowl"
A strange combination of clever and ironic.
Fishbowl is an anagram of Blowfish, though I dunno if they use that cipher.
However to most folks, a fishbowl is something in clear view, under close observation.
Quirky.
Re: (Score:2)
It's doubly-encrypted, so they use Twofish.
Re: (Score:2)
"Did you ever fly a kite in bed? Did you ever walk with ten cats on your head?"
Re: (Score:2)
This had to bring a smile to Bruce's face.
Where was it made? (Score:2)
I hope not in China for the obvious reasons.
The design of the phone itself may be super-secure, but for it to be genuinely secure you need to have absolute faith in the integrity of the company building the thing.
Re: (Score:3)
The NSA has its own fab. They can make their own chips if they so choose. Depending on the level of security needed I'm sure they will.
They may have their own fab .. but from TFA ..
“The plan was to buy commercial components, layer them together and get a secure solution,”
You have to be able to trust the entire supply chain. In addition, they are talking about 3rd parties building these (who won't have access to NSA systems) .. so why should I trust a 3rd party any more than I trust any other telecoms supplier?
Rogue Apps (Score:3)
You could RTFA (Score:3, Insightful)
Where you'd find out the encryption isn't about apps, but about the calls. The NSA requires it so that in the event there is a failure in the implementation of one of the encryption layers, that isn't an automatic compromise.
In terms of app control yes, it only gets apps from a DoD run app store. The phones can only get apps that the NSA has decided are ok. The control actually goes further than that, in that to place a call you connect to signals and they then route your call to the requested party. So you
Re:You could RTFA (Score:4, Insightful)
Are you suggesting they also invented time travel and ventured back in time to before AD?
Encryption is a VERY old discipline, and was being used for more than a thousand years by the time Leonardo da Vinci was even born.
No not at all (Score:5, Insightful)
However cryptography wasn't widely used or known to the public back in the day. Also while the codes used were technically cryptography by the pure meaning of the word, they really weren't by modern thinking. They were, well, codes, secret language and the like. As an example the highly successful Navajo Code Talkers in WWII weren't using mathematical encryption, book cyphers, or the like, they were just speaking a language that nobody in Germany understood, and using special terminology.
The public really didn't have much of a study of cryptography in the modern sense back in the day. Heck, read up on the DES process. The NBS asked for submissions and nobody presented anything useful so they went to IBM and asked them to try (IBM being the biggest civilian employer of mathematicians at the time) and they developed DES, with some consultation with the NSA (who asked them to keep a lid on things like differential cryptanalysis).
When DES came out, it led to a real jump start of civilian study of cryptography. People were curious about this new thing and started looking at it.
If you want to equate coded speech with mathematical crypto, ok fine then I guess, but it really isn't. Mathematical cryptography changed the game. With codes it was all about working to understand and guess the enemy's coding scheme, and such things were done all the time. With mathematical crypto, you can design a system that is unbreakable except through brute force (which you can make infeasible) or via some sort of new discovery in cryptology.
This is something the NSA was one of the very first involved in, and indeed they came about due to the importance of code breaking in WWII. They were the largest employer of mathematicians in the world for a time (not sure if that is still true).
That's what I mean by "nobody had heard of it." I don't mean they invented it, I mean the concept was pretty much unknown to the public. The idea of a mathematical system that you could use to secure information was just not something people had heard of on any large scale. The NSA was writing crypto systems back when the geeks who now use crypto all the time were doing everything in plain text.
Re: (Score:2)
While I agree with you on most points, I don't think the absolute stands.
Ancient codes aren't crypto by today's standards, but they were in their days, so we need to give them credit for that, or else we should stop calling AES et al crypto as well, because a thousand years from now, people with quantum computers (or whatever) will laugh at us the way we laugh about the Caesar cypher today.
Two, the NSA and its predecessors were formed out of necessity, because there was encryption being used by the enemy, the
Re: (Score:2)
The concept of cryptography has been around for thousands of years but the idea that security by obscurity was a bad idea is relatively new. The entire code talkers scheme was pure obscurity. The novelty is that mathematical cryptography is secure even when its mechanism is disclosed.
Re: (Score:2)
Pay to have them done in the USA (Score:2)
Re: (Score:2)
I wouldn't mind Motorola doing exactly this.
Heck, Motorola can use the same hardware for their mass produced phones so they benefit from economies of scale. The difference could be a dedicated sub-ROM chip that gets code loaded on at a TS/SCI cleared facility (the same way the old Clipper chips were made in a normal facility, then the Skipjack algorithm was loaded.)
This way, most phones can have unlocked bootloaders and are free to run the latest CM version, while the phones for secure duty get the added c
Not a good article (Score:5, Informative)
I was at the talk yesterday (at the RSA Conference) where NSA IAD director Margaret Salter presented this information. While the linked article is mostly factually correct, it glosses over or misses quite a few things. In no particular order:
* NSA's goal was to produce a spec for how to use commercial devices and commercial carriers yet still meet the requirements for SECRET or higher classified comms *without* forcing every user to be a COMSEC custodian. IMO, this represents a *huge* change in NSA's outlook on COMSEC and security in general. In the past, their focus has always been "security first, regardless of the impact on usability." Fishbowl's goals are an intriguing departure from this mindset.
* The selection of Android was not a starting point, but the outcome of a selection process that included requirements like "we have to be able to get the OS tweaked to meet our needs." The relative openness of Android played well against this requirement.
* Fishbowl currently only works on one handset. Salter declined to say which one, but it was clearly a Motorola product. Again, this was related to technical requirements around customization, boot loaders, etc.
* The article gets it right about IPSEC vs SSLVPN but falls short of detailing the laundry list of things NSA wanted but was ultimately unable to obtain. It's clear that as the landscape evolves, NSA will update the fishbowl spec. For example, if someone made available an Android that supported Suite B, I think that would appear on the spec immediately.
* Salter did address the issue of rogue apps directly. She said that Fishbowl basically required policy support for locking out unapproved app installs, and that only NSA approved apps from the NSA enterprise app store would be allowed. "we don't want to be in the business of accrediting Angry Birds" is as close a quote as I can manage from memory.
* The best question from the audience was when someone asked if, by publishing a spec on how to do encrypted secure comms on an Android, her division hadn't made the job of the SIGINT spooks impossibly more difficult. She somewhat artfully dodged/refused to answer, and simply said that her job was to protect the data and communications of the US Government. My take: draw your own conclusions about NSA's ability to break IPSEC.
The talk was interesting, well presented, and completely sold out. I got one of the last 5 or 6 seats before they stopped letting people in the room.
Re: (Score:2)
* Salter did address the issue of rogue apps directly. She said that Fishbowl basically required policy support for locking out unapproved app installs, and that only NSA approved apps from the NSA enterprise app store would be allowed. "we don't want to be in the business of accrediting Angry Birds" is as close a quote as I can manage from memory.
Disgruntled Poultry, the classified version, because everything on this is probably classified.
Re: (Score:2)
* The best question from the audience was when someone asked if, by publishing a spec on how to do encrypted secure comms on an Android, her division hadn't made the job of the SIGINT spooks impossibly more difficult. She somewhat artfully dodged/refused to answer, and simply said that her job was to protect the data and communications of the US Government. My take: draw your own conclusions about NSA's ability to break IPSEC.
There's a cost/benefit tradeoff here. In general I'd say it's better to have excellent defenses that even yourself can't penetrate, than to make sure everyone is weak. They used to play that game, and it's repeatedly been shown to be folly.
Re: (Score:2)
On the last point, I'm willing to take them at face value. They earned a lot of credibility when DES was being designed. They approved the basic design, but made some changes to some minor details of the design. No one outside the NSA knew why for years. Eventually differential cryptanalysis was publicly discovered, and in retrospect it became clear that the NSA's changes were to defend against the attack.
So yes, the NSA appears to put deploying real security firmly ahead of compromising other people's s
Re: (Score:2)
someone asked if, by publishing a spec on how to do encrypted secure comms on an Android, her division hadn't made the job of the SIGINT spooks impossibly more difficult. She somewhat artfully dodged/refused to answer, and simply said that her job was to protect the data and communications of the US Government. My take: draw your own conclusions about NSA's ability to break IPSEC.
Doesn't necessarily follow. The NSA has these two different and often conflicting missions. And I know that if I were in the second one (what she said), I would make damn sure that my own spooks can't break it. Because if they can, so can someone else.
Her dodge is probably due to this conflict, which I'm sure is constantly generating friction within the NSA.
Re: (Score:2)
Exactly right, and it's not a dodge at all.
NSA has two separate missions that are both in conflict and complementary.
Folks here will immediately assume "OMG BACKDOORZ!@!@!!111" when in reality NSA's job is BOTH to break other peoples' systems while protecting our own. Having intentional vulnerabilities in our own encryption schemes is counterproductive on a number of levels.
That won't stop people from believing what they want to believe, however.
Old line (Score:2)
Since the USA claimed that pedo-terrorists were the only ones that used encryption, what is the NSA trying to tell us?
Re: (Score:2)
There's the morons in charge: politicians. Then, there's the nerds hiding in the back who actually know something: NSA.
It's pretty much like any corporation when you think about it!
Too bad none of you actually read the PDF (Score:2)
First of all it is not a "blueprint" for the device, it is a specification for a very secure device.
Second of all no place in the document does it say, "this device uses android"
The references to Android are as follows, all of them:
Requirements Description DC.1 "The Device Configuration and Policy Management service shall be able to determine the configuration of the device types and operating systems identified for use, e.g., Motorola Droid Pro with Android 2.2."
Requirements Description DC.3 "The Device
All that trouble to get secure voice (Score:2)
All NSA is doing here is trying to get secure voice over IP on a smart phone. They're not trying to secure the phone for non-voice data or support secure applications. The smart phone isn't helping; if they could get people to carry a second voice-only device, it would be far easier. A voice-only phone with all the firmware in ROM would be a much more secure device.
Re: (Score:2)
> All NSA is doing here is trying to get secure voice over IP on a
> smart phone.
About time that SOMEBODY does! Go NSA.
Unclear on the concept of "top secret" (Score:2)
Top Secret is a secret/protection classification for information and determines who can access the information. If it has been released to the public it is not "top secret". This is a highly secure phone, not a top secret phone.
Security State is for thee, not for me (Score:2)
GPS tracking and logging, recording what you say, where you've been, what you post and what you read - the total police state. People mod me flamebait when I point out that we're living, eventually and soon, in a giant prison, a fishbowl, where the powerful get to see what we're up to, but we never see them or what they do.
Now we have the concrete illustration. "Fishbowl". They are fucking laughing at us.
When I read double encrypted fishbowl... (Score:2)
Parnell: "Hello?"
Leila: "Is it you? This is Leila. Are you using a SCRAMBLER?"
Parnell: "I can't hear you, I'm using a SCRAMBLER!"
I'll wait ... (Score:2)
Re: (Score:2)
Re: (Score:2)
That's why I wish these could be sold to the US masses. That way, it may or may not be someone working for a TLA, but perhaps someone who wants some decent on-phone security.
Pre-ICS, one thing that Motorola [1] phones had as an advantage was the ability to encrypt internal storage as well as the SD card. The advantage of this, especially coupled with remote wipe and wipe after "x" amount of bad password tries should be obvious.
It would be nice to have an Android device that can run apps, but still be designed
Re: (Score:2)
Re: (Score:2)
It would be nice to have an Android device that can run apps, but still be designed for decent security, even if someone's E-mails matter to only them.
It's been there for a while. Look under Settings/Security/Encrypt Tablet for ICS. Earlier versions had the setting under Location and Security.
Re: (Score:3)
The average person is innocent and therefore has nothing to hide thus rendering encryption unnecessary.
Yo, identity theft? The TLAs aren't the only people after all your seeeecret stuff. If I drop my phone and don't notice it, I like to know it's locked and nobody's going to get any use of it, or any of the data that's stored on it. I'd really hate it if losing it hurt someone whose info was stored on it.
On the other hand, would I trust the NSA to not enable a back door? Probably not (and I don't even particularly dislike them).
Re: (Score:3)
One can do mental gymnastics, but this is how I look at it:
If the NSA has a backdoor, eventually someone will find it and then glean knowledge of how they work. This may weaken them in the end. Plus, even if the NSA did, they can't really use it unless it would be an extremely high value target, or else their hand gets tipped.
A similar argument can be mounted against SELinux and PGP, where if the NSA did have backdoors, they would have to be extremely clever, as well as not used unless the target is extre
Re:Security Violation (Score:5, Informative)
Re: (Score:3)
The article references conversations as secret, not the phone. Titles do get morphed on Slashdot. That's just the way of things.
Re: (Score:2)
I kinda doubt it (Score:4, Insightful)
So let's have a look and see what classified information has ever been leaked by Wikileaks. Looks like just the diplomatic cables and video that came from Bradley Manning. Well guess what? That wasn't a hack, that was a person with access, that misused their access to give the information to an unauthorized party. That kind of thing has been going on as long as there have been spies and it is something the intelligence community works on (preventing or exploiting depending on) all the time.
Past that? Nothing. I see nothing from Anonymous getting on to JWICS and grabbing and releasing tons of documents. They've DDoS'd webservers (and failed to DDoS others, Amazon proved to be too big a target) and gotten in to people who have security holes, but they don't seem to be able to get at the classified networks.
Maybe, just maybe, the NSA is a little better at signals security than you give them credit for.
it is SELinux stupid. (Score:2)
SELinux has a history with the NSA; it's known. Anything Linux related will leverage that history. Actually, I thought that MS complained and used their corrupt influence to cut down on the government's contributions to Linux.
Re: (Score:2)
Yeah, I know. This wasn't meant to be taken seriously.
Re: (Score:2)
Yeowch, flamebait. That might be my first -1 comment.
I'm guessing it provoked the ire of the Android folk? I had originally put in more against Apple to increase the level of levity, but figured I shouldn't provoke that lot. Without it, I guess people took it too seriously.
Oh well, lesson learned. Never try to have a sense of humor when fanboys are around. Guess I'll add that to the list, right after "never get involved in a land war in Asia" and "never go up against a Sicilian when death is on the line."
Re: (Score:2)
Re: (Score:2)
Clearly you've not heard of TDEA [wikipedia.org].
Re: (Score:2)
Angry "Birds" [buzzfed.com] indeed.
Re: (Score:2)
Yea, care to take bets on the idea that the "redacted" text is not actually what was redacted - but was just placed there to be the low hanging fruit to satisfy idiots like you?
Re: (Score:2)
> Will it blend?
Sure Will, but it will also explode big time because you made a phone call!